Red hat Openstack Vulnerabilities

Scope Deletion Vulnerability Affects OpenStack Security

CVE-2023-6110

Red HatRed Hat Openstack Plat...5.5MEDIUM

HTML Injection Vulnerability in Hibernate Validator

CVE-2023-1932

Red HatA-MQ Clients 26.1MEDIUM

OpenStack Platform Vulnerability Exposes Containers to MITM Attacks

CVE-2024-8007

Red HatRed Hat Openstack Plat...8.1HIGH

Unbound: heap-buffer-overflow in unbound

CVE-2024-43168

Red HatRed Hat Enterprise Lin...4.8MEDIUM

Segmentation Fault Vulnerability in Unbound's ub_ctx_set_fwd Function

CVE-2024-43167

Red HatRed Hat Enterprise Lin...2.8LOW

Rhosp-director: cleartext passwords exposed in logs

CVE-2024-4840

Red HatRed Hat Openstack Plat...5.5MEDIUM

Incomplete Fix for CVE-2023-39325/CVE-2023-44487 in Red Hat OpenStack Platform

CVE-2024-4438

Red HatRed Hat Openstack Plat...7.5HIGH

Incomplete Fix for CVE-2021-44716 in Red Hat OpenStack Platform

CVE-2024-4437

Red HatRed Hat Openstack Plat...7.5HIGH

Incomplete Fix for CVE-2022-41723 in Red Hat OpenStack Platform

CVE-2024-4436

Red HatRed Hat Openstack Plat...7.5HIGH

Memory Leak Vulnerability in Golang RSA Code Could Lead to Resource Exhaustion

CVE-2024-1394

Red HatRed Hat Ansible Automa...7.5HIGH

Private Configuration Information Exposed in OpenStack Designate

CVE-2023-6725

Red HatRed Hat Openstack Plat...6.6MEDIUM

Crafted Geneve Packets May Cause Denial of Service and Invalid Memory Accesses in Open vSwitch

CVE-2023-3966

Red HatOpenvswitch7.5HIGH

Glance-store: glance store access key logged in debug log level

CVE-2024-1141

Red HatRed Hat Openstack Plat...5.5MEDIUM

Python-eventlet: patch regression for cve-2021-21419 in some red hat builds

CVE-2023-5625

Red HatIronic Content For Red...7.5HIGH

Openvswitch don't match packets on nd_target field

CVE-2023-5366

Red HatOpenvswitch5.5MEDIUM

Service monitor mac flow is not rate limited

CVE-2023-3153

Red HatOvn5.3MEDIUM

Undertow: outofmemoryerror due to @multipartconfig handling

CVE-2023-3223

Red HatRed Hat Fuse 7.12.17.5HIGH

Incomplete container isolation

CVE-2023-1636

Red HatOpenstack-barbican6MEDIUM

Insecure barbican configuration file leaking credential

CVE-2023-1633

Red HatOpenstack-barbican6.6MEDIUM

Information leak in api

CVE-2023-1625

Red HatOpenstack-heat7.4HIGH

Instack-undercloud: rsync leaks information to undercloud

CVE-2022-3596

Red HatRed Hat Openstack Plat...7.5HIGH

Plain-text passwords saved in /var/log/messages

CVE-2022-3261

Red HatOpenstack4.4MEDIUM

Infinite loop in sslconduit during close

CVE-2023-1108

Red Hatundertow7.5HIGH

Triggerable assertion due to race condition in hot-unplug

CVE-2023-3301

Red Hatqemu5.6MEDIUM

Dma reentrancy issue (incomplete fix for cve-2021-3750)

CVE-2023-2680

Red Hatqemu8.2HIGH

Vulnerability Published:

Sort By:

17 November 2024

Scope Deletion Vulnerability Affects OpenStack Security

7 November 2024

HTML Injection Vulnerability in Hibernate Validator

21 August 2024

OpenStack Platform Vulnerability Exposes Containers to MITM Attacks

12 August 2024

Unbound: heap-buffer-overflow in unbound

Segmentation Fault Vulnerability in Unbound's ub_ctx_set_fwd Function

14 May 2024

Rhosp-director: cleartext passwords exposed in logs

8 May 2024

Incomplete Fix for CVE-2023-39325/CVE-2023-44487 in Red Hat OpenStack Platform

Incomplete Fix for CVE-2021-44716 in Red Hat OpenStack Platform

Incomplete Fix for CVE-2022-41723 in Red Hat OpenStack Platform

21 March 2024

Memory Leak Vulnerability in Golang RSA Code Could Lead to Resource Exhaustion

15 March 2024

Private Configuration Information Exposed in OpenStack Designate

22 February 2024

Crafted Geneve Packets May Cause Denial of Service and Invalid Memory Accesses in Open vSwitch

1 February 2024

Glance-store: glance store access key logged in debug log level

1 November 2023

Python-eventlet: patch regression for cve-2021-21419 in some red hat builds

6 October 2023

Openvswitch don't match packets on nd_target field

4 October 2023

Service monitor mac flow is not rate limited

27 September 2023

Undertow: outofmemoryerror due to @multipartconfig handling

24 September 2023

Incomplete container isolation

Insecure barbican configuration file leaking credential

Information leak in api

20 September 2023

Instack-undercloud: rsync leaks information to undercloud

15 September 2023

Plain-text passwords saved in /var/log/messages

14 September 2023

Infinite loop in sslconduit during close

13 September 2023

Triggerable assertion due to race condition in hot-unplug

Dma reentrancy issue (incomplete fix for cve-2021-3750)